Dataset Integrity Checks for ML Models

By /

Dataset Integrity Checks for ML Models

ISEF Category: Systems Software

Ready to Turn This Idea Into a Real Project?

This guide was put together with the help of AI research tools to give you a solid starting point. But a competitive science fair project lives in the details: refining your research question, fine-tuning your variables, analyzing your data, and presenting your findings like a seasoned scientist.

For next steps tailored to your interests, skill level, and timeline, work one-on-one with a MehtA+ mentor. Learn more about MehtA+ Science & Engineering Research Mentorship →

Subcategory: Cybersecurity  ·  Difficulty: Advanced  ·  Setup: University Lab  ·  Time: Full Year

The Hook

A dataset can change without anyone noticing. That matters if people train models, run benchmarks, or publish results using the wrong version. Your project asks a simple question with big stakes, can you prove a public dataset stayed the same between releases?

What Is It?

This topic sits at the intersection of software security and data trust. A public machine learning dataset can look identical on the surface, but a few hidden edits can change results, break reproducibility, or skew a benchmark. Your job is to design a way to detect those changes quickly and confidently.

A good analogy is a sealed box of puzzle pieces. If even a few pieces get swapped, the final picture can change. Merkle commitments work like a tamper-evident seal for data. They turn many files or records into a single fingerprint that changes if the contents change. Hash-graph diffing adds another layer, because it helps you compare versions and pinpoint what changed, not just whether something changed.

The "canary" idea means you look for records or patterns that should stay stable unless someone edited the dataset. In practice, you may use statistical signals, hashes, and version comparisons together. That makes the project less like a simple checksum test and more like a real security tool for open data.

Why This Is a Good Topic

This is a strong science fair topic because it has a clear question, measurable output, and room for original work. You can test how well different integrity methods detect silent dataset edits, and you can compare false alarms against missed changes. The topic also connects to a real problem in AI research, since many teams depend on public datasets staying trustworthy across releases. A student can learn hashing, version control ideas, data comparison, and basic statistical testing without needing to build a full production system.

Research Questions

  • How does Merkle-tree chunk size affect the speed and accuracy of detecting silent dataset edits?
  • What is the effect of different hash functions on the ability to detect single-record changes in a public dataset?
  • Does hash-graph diffing find more hidden modifications than a plain file-level checksum?
  • To what extent can statistical canary records predict whether a dataset version has been modified?
  • Which type of dataset change, record deletion, record replacement, or row reordering, is easiest to detect?
  • How does dataset size affect the time needed to certify that two releases match?

Basic Materials

  • Laptop or desktop computer with internet access.
  • Python installed locally or in a notebook environment.
  • Jupyter Notebook or Google Colab for experiments and notes.
  • Git for tracking code and version changes.
  • Access to public open-source datasets from Hugging Face Datasets or similar repositories.
  • Spreadsheet software for logging version comparisons and results.
  • Digital notebook for recording protocol choices and observations.

Advanced Materials

  • University or school server access for larger dataset comparisons.
  • Python with pandas, NumPy, and hashing libraries.
  • NetworkX for graph-based comparisons.
  • Access to multiple dataset versions from Hugging Face Datasets or another public repository.
  • Storage for intermediate hashes, manifests, and comparison outputs.
  • Statistical analysis software such as R or Python SciPy.
  • Optional compute access for benchmarking on large corpus-sized datasets.

Software & Tools

  • Python: Runs scripts that hash records, compare versions, and score detection performance.
  • Jupyter Notebook: Lets you document your workflow and show results step by step.
  • Git: Tracks changes in your code and analysis files.
  • Hugging Face Datasets: Provides public dataset versions for testing silent-change detection.
  • pandas: Organizes dataset metadata, version tables, and comparison outputs.

Experiment Steps

  1. Define the dataset versioning problem you want to measure, then choose one public dataset family with multiple releases.
  2. Decide which integrity signals you will compare, such as whole-file hashes, record-level hashes, Merkle commitments, and graph-based diffs.
  3. Build a test plan that includes clean versions, simulated tampering, and benign changes like reordered rows or metadata edits.
  4. Choose the metric you will use to judge success, such as detection rate, false positive rate, or time to certify a release.
  5. Plan controls that separate real content changes from formatting or packaging changes.
  6. Organize a repeatable analysis pipeline so another person could run the same checks on a different dataset.

Common Pitfalls

  • Using only one hash for an entire file, which misses small record-level edits inside a large dataset.
  • Treating row reordering as corruption, which can create false alarms even when the data values stayed the same.
  • Comparing datasets with different preprocessing rules, which makes version differences look like tampering.
  • Ignoring duplicate rows or near-duplicate records, which can hide or inflate change signals.
  • Testing on only one dataset family, which makes the method look stronger than it really is.

What Makes This Competitive

A stronger project goes beyond a yes-or-no integrity check. You can compare multiple detection methods, measure both missed edits and false alarms, and test them on several dataset types. You can also study which edits are hardest to catch, then explain why your method works better on those cases. That kind of analysis shows real judgment, not just coding ability.

Project Variations

  • Test the method on image datasets instead of text datasets to see how file structure changes the detection problem.
  • Compare version drift in curated benchmark datasets versus community-maintained datasets to see which one changes more often.
  • Focus on metadata and documentation changes, then measure whether those changes can warn you before the raw data itself changes.

Learn More

  • MIT OpenCourseWare, 6.858 Computer Systems Security: Search the course site for lectures on hashing, integrity, and trustworthy systems.
  • NIST Computer Security Resource Center: Look for background on cryptographic hashes, digital integrity, and secure verification concepts.
  • NOAA Data Stewardship Resources: Search for public data quality and version control guidance that applies to scientific datasets.
  • Hugging Face Datasets Documentation: Read the dataset loading and versioning docs to understand how public dataset releases are organized.
  • PubMed: Search review articles on reproducibility, data integrity, and benchmark reliability in machine learning research.
  • arXiv: Search for preprints on dataset tampering, data poisoning, and dataset version control methods.
Shopping Cart